While most of us say we would ignore an email request from a bank asking for personal information, the statistics show that up to 45% of internet users keep clicking on dangerous links or providing personal information where they shouldn’t.

The prevalence of phishing scams signals that more sophisticated baits are still very profitable for cyber criminals. One cyber security firm reports blocked 51 million attempts to open a phishing page in Q1 2017, while another report reveals that last year 30% of phishing emails were opened.

This suggests that although users may recognize basic malicious emails, more sophisticated phishing attempts often still work.

With two major ransomware attacks that have just circled the globe, and rising email phishing, the question remains: how can email users get better at spotting malicious messages?

Tips for spotting a phishing email:

1. Check the sender’s address. Don’t just trust the display name – pay attention to the email address. If the domain looks suspicious (e.g. info@secure.apple.com), don’t open the email.

3. Analyze at the greeting. Your bank or another legitimate institution would often address you with your full name. If you see a vague “Dear user” instead, remain vigilant.

4. Don’t click on links – instead, hover your mouse on the button to see the destination link. Check if it looks legitimate and, especially, if it contains the “https” part to indicate a secure connection.

5. When in doubt, contact your bank or other institution over the phone or alternative email address and ask to confirm if the email is legitimate.

And NordVPN has recently added a CyberSec feature that turns on every time a user switches the VPN on, and protects from malware, annoying ads and phishing attempts. It checks each website the user tries to access against a list of malicious sites. Any site included in the phishing blacklist is blocked before any harm can be done.